From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 server/lib/classes/cron.d/100-mailbox_stats.inc.php |   91 ++++++++++++++++++++++++++++++++++-----------
 1 files changed, 68 insertions(+), 23 deletions(-)

diff --git a/server/lib/classes/cron.d/100-mailbox_stats.inc.php b/server/lib/classes/cron.d/100-mailbox_stats.inc.php
index 7508490..9778b2f 100644
--- a/server/lib/classes/cron.d/100-mailbox_stats.inc.php
+++ b/server/lib/classes/cron.d/100-mailbox_stats.inc.php
@@ -32,6 +32,9 @@
 
 	// job schedule
 	protected $_schedule = '0 0 * * *';
+	protected $mailbox_traffic = array();
+	protected $mail_boxes = array();
+	protected $mail_rewrites = array();
 
 	/* this function is optional if it contains no custom code */
 	public function onPrepare() {
@@ -57,8 +60,8 @@
 		//######################################################################################################
 
 		$parse_mail_log = false;
-		$sql = "SELECT mailuser_id,maildir FROM mail_user WHERE server_id = ".$conf['server_id'];
-		$records = $app->db->queryAllRecords($sql);
+		$sql = "SELECT mailuser_id,maildir FROM mail_user WHERE server_id = ?";
+		$records = $app->db->queryAllRecords($sql, $conf['server_id']);
 		if(count($records) > 0) $parse_mail_log = true;
 
 		foreach($records as $rec) {
@@ -82,16 +85,17 @@
 				// Save the traffic stats in the sql database
 				$tstamp = date('Y-m');
 
-				$sql = "SELECT * FROM mail_traffic WHERE month = '$tstamp' AND mailuser_id = ".$rec['mailuser_id'];
-				$tr = $app->dbmaster->queryOneRecord($sql);
+				$sql = "SELECT * FROM mail_traffic WHERE month = '$tstamp' AND mailuser_id = ?";
+				$tr = $app->dbmaster->queryOneRecord($sql, $rec['mailuser_id']);
 
 				$mail_traffic += $tr['traffic'];
 				if($tr['traffic_id'] > 0) {
-					$sql = "UPDATE mail_traffic SET traffic = $mail_traffic WHERE traffic_id = ".$tr['traffic_id'];
+					$sql = "UPDATE mail_traffic SET traffic = ? WHERE traffic_id = ?";
+					$app->dbmaster->query($sql, $mail_traffic, $tr['traffic_id']);
 				} else {
-					$sql = "INSERT INTO mail_traffic (month,mailuser_id,traffic) VALUES ('$tstamp',".$rec['mailuser_id'].",$mail_traffic)";
+					$sql = "INSERT INTO mail_traffic (month,mailuser_id,traffic) VALUES (?,?,?)";
+					$app->dbmaster->query($sql, $tstamp, $rec['mailuser_id'], $mail_traffic);
 				}
-				$app->dbmaster->query($sql);
 				//echo $sql;
 
 			}
@@ -140,13 +144,13 @@
 				}
 			}
 
-			$sql = "SELECT email FROM mail_user WHERE server_id = ".$conf['server_id'];
-			$records = $app->db->queryAllRecords($sql);
+			$sql = "SELECT email FROM mail_user WHERE server_id = ?";
+			$records = $app->db->queryAllRecords($sql, $conf['server_id']);
 			foreach($records as $record) {
 				$mail_boxes[] = $record['email'];
 			}
-			$sql = "SELECT source, destination FROM mail_forwarding WHERE server_id = ".$conf['server_id'];
-			$records = $app->db->queryAllRecords($sql);
+			$sql = "SELECT source, destination FROM mail_forwarding WHERE server_id = ?";
+			$records = $app->db->queryAllRecords($sql, $conf['server_id']);
 			foreach($records as $record) {
 				$targets = preg_split('/[\n,]+/', $record['destination']);
 				foreach($targets as $target) {
@@ -163,7 +167,7 @@
 			$cur_line = false;
 
 			if(file_exists($state_file)) {
-				$prev_line = parse_mail_log_line(trim(file_get_contents($state_file)));
+				$prev_line = $this->parse_mail_log_line(trim(file_get_contents($state_file)));
 				//if($prev_line) echo "continuing from previous run, log position: " . $prev_line['message-id'] . " at " . strftime('%d.%m.%Y %H:%M:%S', $prev_line['timestamp']) . "\n";
 			}
 
@@ -174,7 +178,8 @@
 				while($line = fgets($fp, 8192)) {
 					$l++;
 					//if($l % 1000 == 0) echo "\rline $l";
-					$cur_line = parse_mail_log_line($line);
+					$cur_line = $this->parse_mail_log_line($line);
+					//print_r($cur_line);
 					if(!$cur_line) continue;
 
 					if($prev_line) {
@@ -189,9 +194,13 @@
 						}
 					}
 
-					add_mailbox_traffic($mailbox_traffic, $cur_line['from'], $cur_line['size']);
+					$this->add_mailbox_traffic($cur_line['from'], $cur_line['size']);
+					//echo "1\n";
+					//print_r($this->mailbox_traffic);
 					foreach($cur_line['to'] as $to) {
-						add_mailbox_traffic($mailbox_traffic, $to, $cur_line['size']);
+						$this->add_mailbox_traffic($to, $cur_line['size']);
+						//echo "2\n";
+						//print_r($this->mailbox_traffic);
 					}
 					$last_line = $line; // store for the state file
 				}
@@ -206,7 +215,7 @@
 				while($line = fgets($fp, 8192)) {
 					$l++;
 					//if($l % 1000 == 0) echo "\rline $l";
-					$cur_line = parse_mail_log_line($line);
+					$cur_line = $this->parse_mail_log_line($line);
 					if(!$cur_line) continue;
 
 					if($prev_line) {
@@ -231,20 +240,21 @@
 
 			// Save the traffic stats in the sql database
 			$tstamp = date('Y-m');
-			$sql = "SELECT mailuser_id,email FROM mail_user WHERE server_id = ".$conf['server_id'];
-			$records = $app->db->queryAllRecords($sql);
+			$sql = "SELECT mailuser_id,email FROM mail_user WHERE server_id = ?";
+			$records = $app->db->queryAllRecords($sql, $conf['server_id']);
 			foreach($records as $rec) {
 				if(array_key_exists($rec['email'], $mailbox_traffic)) {
-					$sql = "SELECT * FROM mail_traffic WHERE month = '$tstamp' AND mailuser_id = ".$rec['mailuser_id'];
-					$tr = $app->dbmaster->queryOneRecord($sql);
+					$sql = "SELECT * FROM mail_traffic WHERE month = ? AND mailuser_id = ?";
+					$tr = $app->dbmaster->queryOneRecord($sql, $tstamp, $rec['mailuser_id']);
 
 					$mail_traffic = $tr['traffic'] + $mailbox_traffic[$rec['email']];
 					if($tr['traffic_id'] > 0) {
-						$sql = "UPDATE mail_traffic SET traffic = $mail_traffic WHERE traffic_id = ".$tr['traffic_id'];
+						$sql = "UPDATE mail_traffic SET traffic = ? WHERE traffic_id = ?";
+						$app->dbmaster->query($sql, $mail_traffic, $tr['traffic_id']);
 					} else {
-						$sql = "INSERT INTO mail_traffic (month,mailuser_id,traffic) VALUES ('$tstamp',".$rec['mailuser_id'].",$mail_traffic)";
+						$sql = "INSERT INTO mail_traffic (month,mailuser_id,traffic) VALUES (?,?,?)";
+						$app->dbmaster->query($sql, $tstamp, $rec['mailuser_id'], $mail_traffic);
 					}
-					$app->dbmaster->query($sql);
 					//echo $sql;
 				}
 			}
@@ -263,6 +273,41 @@
 
 		parent::onAfterRun();
 	}
+	
+	private function parse_mail_log_line($line) {
+		//Oct 31 17:35:48 mx01 amavis[32014]: (32014-05) Passed CLEAN, [IPv6:xxxxx] [IPv6:xxxxx] <xxx@yyyy> -> <aaaa@bbbb>, Message-ID: <xxxx@yyyyy>, mail_id: xxxxxx, Hits: -1.89, size: 1591, queued_as: xxxxxxx, 946 ms
+
+		if(preg_match('/^(\w+\s+\d+\s+\d+:\d+:\d+)\s+[^ ]+\s+amavis.* <([^>]+)>\s+->\s+((<[^>]+>,)+) .*Message-ID:\s+<([^>]+)>.* size:\s+(\d+),.*$/', $line, $matches) == false) return false;
+
+		$timestamp = strtotime($matches[1]);
+		if(!$timestamp) return false;
+
+		$to = array();
+		$recipients = explode(',', $matches[3]);
+		foreach($recipients as $recipient) {
+			$recipient = substr($recipient, 1, -1);
+			if(!$recipient || $recipient == $matches[2]) continue;
+			$to[] = $recipient;
+		}
+		return array('line' => $line, 'timestamp' => $timestamp, 'size' => $matches[6], 'from' => $matches[2], 'to' => $to, 'message-id' => $matches[5]);
+	}
+	
+	private function add_mailbox_traffic($address, $traffic) {
+
+		$address = strtolower($address);
+
+		if(in_array($address, $this->mail_boxes) == true) {
+			if(!isset($this->mailbox_traffic[$address])) $this->mailbox_traffic[$address] = 0;
+			$this->mailbox_traffic[$address] += $traffic;
+		} elseif(array_key_exists($address, $this->mail_rewrites)) {
+			foreach($this->mail_rewrites[$address] as $address) {
+				if(!isset($this->mailbox_traffic[$address])) $this->mailbox_traffic[$address] = 0;
+				$this->mailbox_traffic[$address] += $traffic;
+			}
+		} else {
+			// this is not a local address - skip it
+		}
+	}
 
 }
 

--
Gitblit v1.9.1